Do not check for wildcard domains for non DNS challenge

2023-05-16 17:00:06 +03:00 · 2023-05-16 17:00:06 +03:00 · 021f37ff71
commit 021f37ff71
parent 511762cbf3
2 changed files with 2 additions and 15 deletions
--- a/pkg/provider/acme/provider.go
+++ b/pkg/provider/acme/provider.go
@ -922,15 +922,9 @@ func (p *Provider) sanitizeDomains(ctx context.Context, domain types.Domain) ([]

 	var cleanDomains []string
 	for _, dom := range domains {
-		if strings.HasPrefix(dom, "*") {
-			if p.DNSChallenge == nil {
-				return nil, fmt.Errorf("unable to generate a wildcard certificate in ACME provider for domain %q : ACME needs a DNSChallenge", strings.Join(domains, ","))
-			}
-
 		if strings.HasPrefix(dom, "*.*") {
 			return nil, fmt.Errorf("unable to generate a wildcard certificate in ACME provider for domain %q : ACME does not allow '*.*' wildcard domain", strings.Join(domains, ","))
 		}
-		}

 		canonicalDomain := types.CanonicalDomain(dom)
 		cleanDomain := dns01.UnFqdn(canonicalDomain)
--- a/pkg/provider/acme/provider_test.go
+++ b/pkg/provider/acme/provider_test.go
@ -217,13 +217,6 @@ func TestProvider_sanitizeDomains(t *testing.T) {
 			expectedErr:     "no domain was given",
 			expectedDomains: nil,
 		},
-		{
-			desc:            "no DNSChallenge",
-			domains:         types.Domain{Main: "*.traefik.wtf", SANs: []string{"foo.traefik.wtf"}},
-			dnsChallenge:    nil,
-			expectedErr:     "unable to generate a wildcard certificate in ACME provider for domain \"*.traefik.wtf,foo.traefik.wtf\" : ACME needs a DNSChallenge",
-			expectedDomains: nil,
-		},
 		{
 			desc:            "unauthorized wildcard with SAN",
 			domains:         types.Domain{Main: "*.*.traefik.wtf", SANs: []string{"foo.traefik.wtf"}},